<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
	pageEncoding="ISO-8859-1"
	import="com.total.reporting.presentation.*,com.total.reporting.dao.*"%>

<%@ include file="accessControl.jsp"%>
<%
	// Page flow: a request carrying an "ok" or "del" parameter is treated as a
	// form submission and handled by the first branch (delete, create or update).
	// Any other request falls to the else branch, which loads the user to edit
	// and renders the HTML form below.
	// `user` and `userRole` are not declared in this file; presumably they come
	// from the statically included accessControl.jsp -- confirm.
	String message = "";

	if (request.getParameter("ok") != null || request.getParameter("del") != null) {
		// The page-scoped bean declared next is populated directly from request
		// parameters: id, nom, prenom, login, password, role and entity.
		// NOTE(review): "id" and "role" are therefore caller-controlled. Nothing in
		// this file checks that the caller may act on that id or assign that role;
		// the role <select> further down only limits what the browser offers.
		// Confirm that accessControl.jsp or UserController enforces this on the
		// server, otherwise add the check here before save/update/delete.
		// NOTE(review): jsp:setProperty leaves a property untouched when its request
		// parameter is missing or empty, so such fields keep whatever new User()
		// defaults to -- confirm the default id cannot be null (getId() is
		// dereferenced and compared with -1 below).
%>
<jsp:useBean id="user2" class="com.total.reporting.dao.User"
	scope="page"></jsp:useBean>
<jsp:setProperty property="id" name="user2" param="id" />
<jsp:setProperty property="nom" name="user2" param="nom" />
<jsp:setProperty property="prenom" name="user2" param="prenom" />
<jsp:setProperty property="login" name="user2" param="login" />
<jsp:setProperty property="password" name="user2" param="password" />
<jsp:setProperty property="role" name="user2" param="role" />
<jsp:setProperty property="entity" name="user2" param="entity" />



<%
	String delete = request.getParameter("del");
		// Delete path: taken only when "del" is exactly "true" (the hidden field is
		// set to that value by deleteItem() in the page script).
		// NOTE(review): this branch and the save/update branch change state without
		// checking an anti-CSRF token here; confirm a token or equivalent control is
		// enforced elsewhere (accessControl.jsp, a filter, ...).
		if (delete != null && delete.equals("true")) {
			// Refuse to delete the account whose id equals user.getId()
			// (presumably the logged-in user -- confirm in accessControl.jsp).
			// This is the only check visible in this file before the delete call.
			if(user2.getId().equals(user.getId())){
				response.getWriter().write(" a user cannot be deleted while he is connected");
				return;
			}

			UserController.delete(user2);
			request.getRequestDispatcher("usersList.jsp").forward(request, response);
			return;

		} else {


			// Save path. An id of -1 marks a user that does not exist yet (the
			// display branch below sets -1 when no id is supplied).
			if (user2.getId()==-1){
				// validatePassword() returns null when the password is accepted and an
				// error text otherwise (inferred from the null test that follows).
				message = UserController.validatePassword(user2.getPassword());
				// System.out.println(message);
				if (message == null) {
					// The returned value is stored in `id` but not used afterwards.
					String id = "" + UserController.saveUser(user2);
					request.getRequestDispatcher("usersList.jsp").forward(request, response);
					return;
				}
				else{
					// Rejected password: the validation text is the whole response body.
					response.getWriter().write(message);
					return;
				}
			} else {
				// Existing user: every bound field, password and role included, is
				// passed to updateUser().
				// NOTE(review): validatePassword() is only called on the create path
				// above, so a password changed through an update is not validated in
				// this file; confirm updateUser() applies the same policy.
				UserController.updateUser(user2);
				request.getRequestDispatcher("usersList.jsp").forward(request, response);
				return;
			}
		}

		//request.setAttribute("id",id);

	} else {
		// Display path: take the id from the request parameter, falling back to the
		// request attribute of the same name; without an id, prepare an empty user
		// marked as new (id -1).
		// NOTE(review): the id is caller-supplied and the loaded record, password
		// included, is rendered into the form below; confirm the caller's right to
		// view that record is checked (not visible in this file).
		User user2 = new User();
		String id = request.getParameter("id");
		if (id == null)
			id = (String) request.getAttribute("id");
		if (id != null) {
			user2 = UserController.getUserById(id);

		} else {
			user2.setId(-1);
		}
%>

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>New User</title>
<LINK rel="stylesheet" type="text/css" href="style.css">
<script>
 function deleteItem(){
	 // Ask for confirmation; on acceptance flag the request as a deletion
	 // through the hidden "del" field and submit the first form of the page.
	 var form = document.forms[0];
	 if (!confirm('confirmez la suppression')) {
		 return;
	 }
	 form.del.value = 'true';
	 form.submit();
 }
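 function selectRole(){
		// Pre-select, in the role drop-down of the first form, the option whose
		// value equals the role of the user being edited.
		var options = document.forms[0].role.options;
		// The server writes the stored role into this string literal as-is.
		// NOTE(review): the value is not JavaScript-encoded; a role containing a
		// quote or a closing script tag would end the literal early, so it should
		// be encoded on the server (or restricted to the known role names) before
		// it is emitted here.
		var currentRole = '<%=user2.getRole()%>';
		// `var` keeps the loop counter local; it used to leak as an implicit global.
		for (var i = 0; i < options.length; i++) {
			if (options[i].value == currentRole) {
				options[i].selected = true;
			}
		}
 }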
		 
		 
	 

</script>
</head>
<body>
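<%-- Submit with POST so that the password and the other fields travel in the
     request body instead of the URL (query strings are kept in browser history
     and in proxy and server logs). The handler at the top of this page reads the
     fields with request.getParameter(), which works for both methods, so links
     that open this page with ?id=... keep working.
     Hidden fields: "id" is the user being edited (-1 for a new user); "del" is
     switched to "true" by deleteItem() to request a deletion. --%>
<form method="post"><input type="hidden" name="id"
	value="<%=user2.getId()%>" /> <input type="hidden" name="del"
	value="false" /> 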
	
	<span class="title"> User</span> <br></br>
<table>
	<%-- Text fields of the user record, pre-filled from the user2 bean.
	     NOTE(review): nom, prenom, login and password are written into the
	     value="..." attributes without HTML encoding. They come from stored user
	     records that this same page saves from request parameters, so they should
	     be encoded on output (for example with JSTL c:out or fn:escapeXml, if JSTL
	     is available in this project). --%>
	<tr>
		<td class="label">nom</td>
		<td><input name="nom" size="80" value="<%=user2.getNom()%>"></input></td>
	</tr>
	<tr>
		<td class="label">prenom</td>
		<td><input name="prenom" size="80"
			value="<%=user2.getPrenom()%>"></input></td>
	</tr>
	<tr>
		<td class="label">login</td>
		<td><input name="login" size="80"
			value="<%=user2.getLogin()%>"></input></td>
	</tr>
	<%-- NOTE(review): the password input is pre-filled with user2.getPassword(),
	     so whatever UserController stores as the password is sent back in the page
	     source. Prefer rendering the field empty and treating an empty submission
	     as "keep the current password"; that needs a matching change in the update
	     branch at the top of this page.
	     The message span below is always empty on this path: message is only
	     assigned in the submit branch, which never reaches this markup. The br and
	     span also sit directly inside the row, outside any cell. --%>
	<tr>
		<td class="label">password</td>
		<td><input type="password" name="password" size="80"
			value="<%=user2.getPassword()%>"></input></td>
		<br/>
		<span class="label"><%=message%></span>
	</tr>
	<tr>
		<%
			// Role row. What is rendered depends on userRole, the role of the caller
			// (not declared in this file; presumably set by accessControl.jsp -- confirm).
			// superAdmin: may choose any of the four roles.
			// NOTE(review): these branches only decide which options the browser
			// shows. The submit handler at the top of this page passes the "role"
			// parameter to saveUser()/updateUser() as received, so the same limits
			// must also be enforced on the server.
			if (userRole.equals("superAdmin")) {
		%>
		<td class="label">role</td>
		<td><select  name="role" >
			<option value="read">read</option>
			<option value="user">user</option>
			<option value="admin">admin</option>
			<option value="superAdmin">superAdmin</option>
		</select>
		<script>
			selectRole();
		</script>
		<%
			// admin: same selector without the superAdmin option.
			}else if (userRole.equals("admin")) {
		%>
		<td class="label">role</td>
		<td><select  name="role" >
			<option value="read">read</option>
			<option value="user">user</option>
			<option value="admin">admin</option>
		</select>
		<script>
			selectRole();
		</script>

		<%
			// Any other caller role: the current role is shown as text and sent back
			// in a hidden field. A hidden field can be changed by the client, and the
			// role is written here without HTML encoding.
			} else {
		%>
		<input type="hidden" class="inputfield" name="role" 
			value="<%=user2.getRole()%>"></input>
		<td class="label">role</td><td><%=user2.getRole()%></td>


<%}%>
	</tr>
	



</table>
<input type="submit" name="ok" value="Enregistrer"></input> <br></br>
<%
	// The delete button is rendered only for an existing user; an id of -1 marks
	// a new, unsaved user (set in the display branch when no id is supplied).
	if (user2.getId() > -1) {
%> <input type="button" name="delete"
	onclick="deleteItem()" value="Supprimer"></input> <%
 	}
 %>
</form>
</body>
</html>
<%
	}
%>